Wednesday, November 2, 2011

Researchers propose simple fix to thwart e-voting attack

Researchers have devised a simple procedure that can be added to many electronic voting machine routines to reduce the success of insider attacks that attempt to alter results.

The approach, laid out in a short research paper (PDF), augments the effectiveness of end-to-end verifiable election systems, such as the Scantegrity and the MarkPledge. They're designed to generate results that can be checked by anyone, by giving each voter a receipt that contains a cryptographic hash of the ballot contents. --->>>

Microsoft Research has revealed a potential flaw in verifiable e-voting machines through which fraudsters could easily use discarded ballot receipts as a guide for altering votes. Fortunately, the researchers also offered a solution -- linking new receipts to previous ones with cryptographic hashes -- but that alone won't make e-voting entirely secure, they cautioned. --->>>